eGov16804
The XSS vulnerability via the name of an object when creating a process can no longer be exploited
Internal builds
eGov16526
In the properties of “Collections for Templates and Presettings” the property “Access Protection” has been added on the new form page “Settings” (FSCORGCONFIG@15.1001:PageTemplateCollectionSettings). In this property, you can choose between three authorization types:
For newly created “Collections for Templates and Presettings”, the authorization type is set to “Hierarchical: Only the defined team (and their superordinate and subordinate groups) may access the template collectionrooms for presets and its content”
Hierarchical: Both the subordinate and higher-level organizational units are considered. As before, a distinction is made between “Full Control”/”Change Access”/”Read Access” and User. This means that the objects in the collection can only be used if an organizational unit has been entered under User
Public: All User habe “Read Access” and usage rights
eGov16747
An error when delegating activities via the menu “Delegate to User” (EGOVBASE@15.1001:MenuDelegateToUser) has been fixed. The behavior of the delegation is analogous to the menu “Prescribe” (FSCWFEXT@15.1001:MenuPrescribeToUser). Previously, the Process Responsible and, if available, the renaming of the activity were not transferred correctly
eGov16630
When attaching the Customizing App to a Group this Group is automatically added as App User in the generated Customizing Configuration
eGov16656
With the action FOLIOEX@15.1001:SetSeqNumberHistory the parameter reamarke is now interpreted and written to the attribute COOELAK@1.1001:regremark attribute. Previously it had no function
eGov16623
Certain PDFs that contain forms, are no longer downloaded automatically when viewed using the viewer
eGov16746
The search related to the action “Synchronize Teams” (COOELAK@1.1001:SyncAvailableTeams) has been optimized for an asynchronous search. Previously, an incomplete search result could occur for more than 10,000 teams
eGov16750
An XSS attack via the name of a redaction is no longer possible
Internal builds
Release